MENU Close
Close
  • Home
  • Services
  • Attorneys
  • Resources
  • News & Events
  • About Us
  • Contact Us
  • Join our Team
Search
Back
    Quick Links:
    Join Webinar
    Read News
    Our Location
    A
    Alternative Dispute ResolutionAntitrust & Trade RegulationAppellate Practice
    B
    Banking & Financial ServicesBankruptcy, Creditors’ Rights, and Financial RestructuringBeer LawBusiness Law
    C
    Cannabis LawConstruction LawCriminal Defense
    E
    Economic Development LawElder Care & Special Needs LawElectronic Discovery ("E-Discovery")Environmental LawEstate Planning and Administration & Wealth PreservationExecutive Compensation, Employment, ERISA, and Employee Benefits
    F
    Food, Beverage & HospitalityFranchise Law
    H
    Health Care & Life SciencesHealth Care ProvidersHigher EducationHospitals and Health Networks
    I
    ImmigrationInsurance CoverageIntellectual PropertyIntellectual Property Litigation, Arbitration, and Dispute ResolutionIntellectual Property Portfolio Strategy, Management & LicensingInternational BusinessInternet Law
    L
    Labor & EmploymentLiquor Law, Licensing, Manufacturing, and DistributionLitigation
    M
    Media LawMergers & AcquisitionsMunicipal Law
    N
    Non-Profit Law
    P
    Patent Preparation and ProsecutionPharmaceutical / Medical Devices / Pharma ServicesProducts and Consumer Liability DefenseProfessional LiabilityPublic Utilities
    R
    Real Estate, Finance, and Land Use
    S
    SecuritiesSolar Energy
    T
    TaxationTelecommunicationsTrademark & Copyright Protection & Enforcement
    V
    Venture Tech & Emerging Growth Companies
    W
    White Collar Investigations & DefenseWorkers’ Compensation
    • New Jersey
    • New York
    • Pennsylvania
    • Blogs
    • Articles
    • Podcasts
    • COVID-19 Resources
    • News
    • Events
    • Webinars
    • About Us
    • Delivering Value
    • Diversity & Inclusion
    • Meritas

    New Jersey

    400 Crossing Boulevard
    8th Floor
    Bridgewater, NJ 08807
    Phone:(908) 722-0700
    Fax:(908) 722-0755

    28 Valley Road
    Suite 1
    Montclair, NJ 07042

    New York

    7 Times Square
    21st Floor
    New York City, NY 10036
    Phone:(212) 808-0700
    Fax:(212) 808-0844

    Pennsylvania

    515 West Hamilton Street
    Suite 502
    Allentown, PA 18101
    Phone:(610) 391-1800
    Fax:(610) 391-1805

    • What sets us apart
    • Attorneys
    • Other Professionals
    • Professional Development
    • Non-Discrimination Policy

    Categories

    Anti-Trust/Trade Regulations Banking/Financial Services Business Operations Choice of Entity Compliance Corporate Finance/Securities Corporate Governance Economic Development Law Entity Formation Franchise Law General Liquor Law Mergers & Acquisitions Public Utilities Real Estate Tax
    Blogs > Biz Law Blog > Five Important Questions to Ask...
    Of Counsel
    James H. Laskey
    Visit Profile

    Five Important Questions to Ask Your Business’s Website Developer

    Creating and maintaining a robust website is an ever-increasing business imperative. Many businesses turn to outside website developers for help. If that includes you, here are some important questions to ask your website developer.

    1. Will My Website Satisfy Cybersecurity Requirements?

    A robust website will collect names, email addresses, usernames, passwords, and credit card numbers. Cybercriminals want to steal – you guessed it - names, email addresses, usernames, passwords, and credit card numbers. The easy advice is “If you can’t protect it, don’t collect it,” but that can make the website far less valuable to you.

    A data breach is not only embarrassing, it is expensive to remedy. All 50 states plus the District of Columbia have laws on the books regarding data breaches. While the provisions vary from state to state, they generally require prompt notice both to affected users and to law enforcement. There can be civil penalties, and of course, the class action plaintiffs’ bar is always paying attention.

    If your database includes information from international users, both the European Union and countries throughout the Asia Pacific region have similar requirements. You will want to know, in particular, that your website developer is familiar with and will be able to comply with the EU’s General Data Protection Regulation (GDPR).

    2. Will My Website Satisfy Privacy Requirements?

    A growing number of jurisdictions have imposed requirements on operators of websites to protect the privacy of their visitors. The California Online Privacy Protection Act is now more than 15 years old, and other states have followed California’s lead, such as Delaware with its Delaware Online Privacy and Protection Act. Despite these widespread requirements, many websites still lack privacy policies, which need to be both comprehensive and conspicuously posted. The lack of a robust privacy policy in the proposal should be a red flag that the website developer is not up to speed regarding these requirements.

    3. Will My Website Satisfy Accessibility Requirements?

    My partner, Tim McKeown, presciently wrote "Is Your Website ADA Compliant?" earlier this year about websites coming under scrutiny due to the Americans with Disabilities Act. Subsequent to Tim’s piece, Domino’s Pizza asked the United States Supreme Court to review a decision of the Ninth Circuit Court of Appeals that has put Domino’s at risk for ADA non-compliance even though regulations still have not been adopted. In the meantime, litigation under the ADA regarding the accessibility of websites continues apace. For example, earlier this month, a California appeals court upheld a verdict that a restaurant whose website did not permit a blind user to make a reservation had violated the ADA. The fact that the restaurant’s online reservation system had been outsourced to Open Table did not excuse the restaurant. In short, this is an important issue not to be overlooked.

    4. Will You Protect Me If I Get Sued?

    As should be apparent from the prior discussion, litigation over website content and performance is growing rapidly. Yet many website development agreements disclaim any warranty regarding legal compliance and actually require the client to indemnify the developer if any third party claims are filed.

    A website developer’s reluctance to indemnify its clients may be understandable given the risks relative to the value of the engagement. But the fact remains that the developer is in the best position to ensure compliance. And as to the risk-reward issue, this brings us to our next question.

    5. Do You Have Insurance to Backstop Your Promises?

    A growing variety of insurance policies are available to cover issues related to cybersecurity, privacy, and other compliance issues. Any business with a website should look into obtaining coverage to protect itself directly. At the same time, however, it is not unreasonable to expect website developers to maintain errors and omissions policies. When a business engages an outside professional, be that an engineer, an architect or, yes, even an attorney, it expects that professional to have insurance available to back-stop the professional’s performance. Businesses would be well advised to put website developers into the same category, and require them to maintain appropriate insurance to cover deficiencies in performance.

    Once you are satisfied with the answers to these questions, the next step is to make sure the answers are built into your service agreement. This is not easy to accomplish. The form agreements used by most website developers will be written to push responsibility for all of these issues back to the client, who typically lacks the necessary expertise to ensure compliance with these requirements. But the risks are real and require careful attention.

    Our Business Law Group is available to work with you the next time you hire a website developer. In the meantime, we will continue to monitor developments in this important area.

    If you have any questions about this post or any related matter, please feel free to contact me at jlaskey@norris-law.com.

    Of Counsel
    James H. Laskey
    Visit Profile

    Related Posts

    When the CCO Is Not Compliant: Failure To Have Independent Testing of Broker/Dealer AML Compliance Meeting Specified Standards: the SEC’s OCIE Assesses Compliance Credential Stuffing: Cyber Intrusions Into Client Accounts of Broker/Dealers and Investment Advisors

    Share

    Tags

    #Cybersecurity #marketing #Website

    Similar Posts

    September 18, 2023
    Altering the Accounts: SEC Chief Accountant Urges “Holism” in Risk Assessment
    Altering the Accounts: SEC Chief Accountant Urges “Holism” in Risk Assessment
    September 14, 2023
    What is the New Beneficial Ownership Information (BOI) Reporting and How Does it Affect Your Business?
    What is the New Beneficial Ownership Information (BOI) Reporting and How Does it Affect Your Business?
    August 29, 2023
    ‘Eating Crowe’: UK Accounting Firm Found Incompetent
    ‘Eating Crowe’: UK Accounting Firm Found Incompetent

    Helpful links

    • About Us
    • News
    • Services
    • Blogs
    • Attorneys
    • Articles
    • (COVID-19)
    • Events
    • Join our Team
    Connect

    Connect with Us

    • LinkedIn
    • Facebook
    • Twitter
    • Instagram
    • Youtube

    Join our growing team

    We are looking for quality attorneys to help us do more for our clients. At Norris McLaughlin, each attorney has the same opportunity to succeed whether you’re at the beginning of a career or pinnacle of the profession.

    Learn More

    Subscribe to our content

    Receive timely legal information delivered to your inbox

    This field is for validation purposes and should be left unchanged.
    © , Norris McLaughlin, P.A., All Rights Reserved. Attorney Advertising.
    VIEW OUR DISCLAIMER,  TERMS OF USE,  AND PRIVACY POLICY

    We use cookies to ensure that we give you the best experience on our website. If you continue to use this site we will assume you consent to our cookie policy. Learn more